Details of VAR-201810-0492

ID

VAR-201810-0492

CVE

CVE-2018-17908

TITLE

Advantech WebAccess Improper Access Control Vulnerability

Trust: 0.8

sources: IVD: e2fec8cf-39ab-11e9-89cc-000c29342cb1 // CNVD: CNVD-2018-21936

DESCRIPTION

WebAccess Versions 8.3.2 and prior. During installation, the application installer disables user access control and does not re-enable it after the installation is complete. This could allow an attacker to run elevated arbitrary code. WebAccess Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows local attackers to escalate privileges on vulnerable installations of Advantech WebAccess Node. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the access controls that are set and modified during the installation of the product. Advantech (Advantech) WebAccess software is the core of Advantech's IoT application platform solution, providing users with a user interface based on HTML5 technology to achieve cross-platform and cross-browser data access experience. Advantech WebAccess is prone to the following security vulnerabilities: 1. A stack-based buffer overflow vulnerability 2. This may aid in further attacks. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment

Trust: 3.96

sources: NVD: CVE-2018-17908 // JVNDB: JVNDB-2018-011341 // ZDI: ZDI-18-1331 // ZDI: ZDI-18-1329 // CNVD: CNVD-2018-21936 // BID: 105736 // IVD: e2fec8cf-39ab-11e9-89cc-000c29342cb1 // VULHUB: VHN-128414

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: e2fec8cf-39ab-11e9-89cc-000c29342cb1 // CNVD: CNVD-2018-21936

AFFECTED PRODUCTS

vendor:	advantech	model:	webaccess	scope:	lte	version:	8.3.2	Trust: 1.8
vendor:	advantech	model:	webaccess	scope:	-	version:	-	Trust: 1.4
vendor:	advantech	model:	webaccess	scope:	eq	version:	8.3.2	Trust: 0.9
vendor:	advantech	model:	webaccess	scope:	lte	version:	<=8.3.1	Trust: 0.6
vendor:	advantech	model:	webaccess	scope:	eq	version:	8.3.1	Trust: 0.3
vendor:	advantech	model:	webaccess	scope:	eq	version:	8.3	Trust: 0.3
vendor:	advantech	model:	webaccess	scope:	eq	version:	8.2	Trust: 0.3
vendor:	advantech	model:	webaccess	scope:	eq	version:	8.1	Trust: 0.3
vendor:	advantech	model:	webaccess	scope:	eq	version:	8	Trust: 0.3
vendor:	advantech	model:	webaccess	scope:	ne	version:	8.3.3	Trust: 0.3
vendor:	webaccess	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: e2fec8cf-39ab-11e9-89cc-000c29342cb1 // ZDI: ZDI-18-1331 // ZDI: ZDI-18-1329 // CNVD: CNVD-2018-21936 // BID: 105736 // JVNDB: JVNDB-2018-011341 // CNNVD: CNNVD-201810-1272 // NVD: CVE-2018-17908

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	CVE-2018-17908
value:	HIGH
Trust: 1.4
nvd@nist.gov:	CVE-2018-17908
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-17908
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-21936
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201810-1272
value:	HIGH
Trust: 0.6
IVD:	e2fec8cf-39ab-11e9-89cc-000c29342cb1
value:	HIGH
Trust: 0.2
VULHUB:	VHN-128414
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-17908
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-21936
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2fec8cf-39ab-11e9-89cc-000c29342cb1
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-128414
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-17908
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8
ZDI:	CVE-2018-17908
baseSeverity:	HIGH
baseScore:	8.4
vectorString:	AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.5
impactScore:	5.9
version:	3.0
Trust: 1.4

sources: IVD: e2fec8cf-39ab-11e9-89cc-000c29342cb1 // ZDI: ZDI-18-1331 // ZDI: ZDI-18-1329 // CNVD: CNVD-2018-21936 // VULHUB: VHN-128414 // JVNDB: JVNDB-2018-011341 // CNNVD: CNNVD-201810-1272 // NVD: CVE-2018-17908

PROBLEMTYPE DATA

problemtype:

CWE-284

Trust: 1.9

sources: VULHUB: VHN-128414 // JVNDB: JVNDB-2018-011341 // NVD: CVE-2018-17908

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201810-1272

TYPE

Access control error

Trust: 0.8

sources: IVD: e2fec8cf-39ab-11e9-89cc-000c29342cb1 // CNNVD: CNNVD-201810-1272

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-011341

PATCH

title:	Advantech has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-18-298-02	Trust: 1.4
title:	Advantech WebAccess	url:	https://www.advantech.com/industrial-automation/webaccess/webaccessscada	Trust: 0.8
title:	Advantech WebAccess improper access control vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/143395	Trust: 0.6
title:	Advantech WebAccess Fixes for access control error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86344	Trust: 0.6

sources: ZDI: ZDI-18-1331 // ZDI: ZDI-18-1329 // CNVD: CNVD-2018-21936 // JVNDB: JVNDB-2018-011341 // CNNVD: CNNVD-201810-1272

EXTERNAL IDS

db:	NVD	id:	CVE-2018-17908	Trust: 5.0
db:	ICS CERT	id:	ICSA-18-298-02	Trust: 3.4
db:	BID	id:	105736	Trust: 2.0
db:	SECTRACK	id:	1041957	Trust: 1.7
db:	CNNVD	id:	CNNVD-201810-1272	Trust: 0.9
db:	CNVD	id:	CNVD-2018-21936	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-011341	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-7167	Trust: 0.7
db:	ZDI	id:	ZDI-18-1331	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-7154	Trust: 0.7
db:	ZDI	id:	ZDI-18-1329	Trust: 0.7
db:	IVD	id:	E2FEC8CF-39AB-11E9-89CC-000C29342CB1	Trust: 0.2
db:	VULHUB	id:	VHN-128414	Trust: 0.1

sources: IVD: e2fec8cf-39ab-11e9-89cc-000c29342cb1 // ZDI: ZDI-18-1331 // ZDI: ZDI-18-1329 // CNVD: CNVD-2018-21936 // VULHUB: VHN-128414 // BID: 105736 // JVNDB: JVNDB-2018-011341 // CNNVD: CNNVD-201810-1272 // NVD: CVE-2018-17908

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-18-298-02	Trust: 4.8
url:	http://www.securityfocus.com/bid/105736	Trust: 1.7
url:	http://www.securitytracker.com/id/1041957	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17908	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-17908	Trust: 0.8
url:	http://webaccess.advantech.com	Trust: 0.3

sources: ZDI: ZDI-18-1331 // ZDI: ZDI-18-1329 // CNVD: CNVD-2018-21936 // VULHUB: VHN-128414 // BID: 105736 // JVNDB: JVNDB-2018-011341 // CNNVD: CNNVD-201810-1272 // NVD: CVE-2018-17908

CREDITS

Mat Powell of Trend Micro Zero Day Initiative

Trust: 1.4

sources: ZDI: ZDI-18-1331 // ZDI: ZDI-18-1329

SOURCES

db:	IVD	id:	e2fec8cf-39ab-11e9-89cc-000c29342cb1
db:	ZDI	id:	ZDI-18-1331
db:	ZDI	id:	ZDI-18-1329
db:	CNVD	id:	CNVD-2018-21936
db:	VULHUB	id:	VHN-128414
db:	BID	id:	105736
db:	JVNDB	id:	JVNDB-2018-011341
db:	CNNVD	id:	CNNVD-201810-1272
db:	NVD	id:	CVE-2018-17908

LAST UPDATE DATE

2024-08-14T14:57:07.694000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-18-1331	date:	2018-10-31T00:00:00
db:	ZDI	id:	ZDI-18-1329	date:	2018-10-31T00:00:00
db:	CNVD	id:	CNVD-2018-21936	date:	2018-10-28T00:00:00
db:	VULHUB	id:	VHN-128414	date:	2019-10-09T00:00:00
db:	BID	id:	105736	date:	2018-10-25T00:00:00
db:	JVNDB	id:	JVNDB-2018-011341	date:	2019-01-10T00:00:00
db:	CNNVD	id:	CNNVD-201810-1272	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-17908	date:	2019-10-09T23:37:02.363

SOURCES RELEASE DATE

db:	IVD	id:	e2fec8cf-39ab-11e9-89cc-000c29342cb1	date:	2018-10-28T00:00:00
db:	ZDI	id:	ZDI-18-1331	date:	2018-10-31T00:00:00
db:	ZDI	id:	ZDI-18-1329	date:	2018-10-31T00:00:00
db:	CNVD	id:	CNVD-2018-21936	date:	2018-10-28T00:00:00
db:	VULHUB	id:	VHN-128414	date:	2018-10-29T00:00:00
db:	BID	id:	105736	date:	2018-10-25T00:00:00
db:	JVNDB	id:	JVNDB-2018-011341	date:	2019-01-10T00:00:00
db:	CNNVD	id:	CNNVD-201810-1272	date:	2018-10-26T00:00:00
db:	NVD	id:	CVE-2018-17908	date:	2018-10-29T18:29:08.277